“Those who cannot remember the lessons of history are condemned to repeat them.”
-George Santayana
It seems that 2011 was a year that tried our industry. All things cyber grabbed headlines, and the very nature of trust in a digital world was brought into question. This might have to do with my personal perspective, but it came to a head with our own breach in March here at RSA. There were others in the world of security that were hit, and I am sure that from their epicenters it was as nauseating to watch the ripples move out through the internet.
The aftershocks continued in the wake of our incident, but we all as an industry learned from the events and incidents and have, I believe, moved on. My own blogging and social media frequency dropped from a pretty frequent rate to a much lower rate as I (and my colleagues) spent a lot of time first responding and then reaching out to pro-actively share our experiences and learnings. In fact, on the brink of 2012, I think we are asked to help companies prepare for or deal with the nasty realities of computing in an inherently hostile but still phenomenally attractive world more than we ever were before (and that was sizable) and more than I would have thought possible as recently as a year ago.
The close of the year was heartening as well for two reasons. First, I am seeing collaboration take off in a big way. I’ve visited with a lot of companies towards the end of the year to share our “lessons learned” and we’ve hosted many advanced threat summits. I see folks are coming together and sharing information and wisdom on scales that are inspiring and ambitious. Second, and more personally, SecurID continues to receive a wave of positive acclaim and attention across the industry. The following list speaks for itself:
- RSA SecurID Wins 2011 SC Magazine Award for Best Multifactor Authentication product
- RSA SecurID Wins Gold in Information Security Magazine Reader’s Choice Award 2011 for Best Authentication Product
- RSA SecurID WinsRedmond Magazine 2011 Reader’s Choice Award for Best Smart Card/Biometric/Two-Factor Authentication System
The number one question I get asked when I share our experiences is “how do we mature as a security organization without having to go through what you went through?” And the truth is that I don’t know how to answer that. I like to think that one of the “silver linings” on our dark cloud is helping to drive awareness across the Security / Business divide, but it’s far from enough to change the basic realities and challenges that security people have every day to drive security in a company’s risk agenda.
So it’s the first business week of 2012, and I am going to drive my agenda and what I do around trust this year. We need more trust in the digital world, and that is only going to be achieved by rolling up our sleeves and diving in together. So here’s to 2012: let’s make it a year where security breaks out and we as a community build a solid foundation for trust in a digital world.
